Hacking APIs with Node.js

Estimated reading time: 3 minutes

Table of contents

If you have a problem, if no one else can help, and if you can find them, maybe you can hire the A-Team.

Recently we ran into an issue making cross-domain requests to a JSON .NET API. It was going to prove very difficult to allow browsers to make cross-domain JSON requests to the API or make any modifications to the codebase or server. We needed help. I was a big aircraft hanger, with just a Mac, a few tools and not much time…

JavaScript is a nimble if quirky little language and in Node.js we had a great toolkit to make a proxy server to bridge the gap. After working through all of the possibilities we had to fall back to using JSONP. This added the additional complication of needing to make a GET request when the API endpoint was a POST.

It takes the GET request, makes a POST request to the API with query parameters and then returns the response. We run this proxy on one of our Linux servers and use node-http-proxy to proxy port 80 traffic for a domain through to the proxy. This means browsers can now make JSONP requests to the API.

Hack or golden bullet?

After creating the proxy it is clear that because Node.js is such a strong network programming platform it can be very powerful in dealing with legacy or slow moving APIs. This comes with responsibility though. It would have been preferable for this proxy server to not be required and for the API and/or server to handle cross domain requests properly. There is now more points of failure and more complexity in the project. But in this case we needed to get the job done.

Node.js could also be used to augment legacy APIs with a more complex proxy server. Because it is easy enough to transform and mangle requests and responses it would be possible to make an entire API interface RESTful where it is not or to move an architecture that is based on long polling to WebSockets.

Tags

Recent Posts

Using HashiCorp Vault with LDAPHow to use HashiCorp Vault to setup an LDAP backed secret store with read-only access for users in groups and read-write access for specific users

Linux and Unix xargs command tutorial with examplesTutorial on using xargs, a UNIX and Linux command for building and executing command lines from standard input. Examples of cutting by character, byte position, cutting based on delimiter and how to modify the output delimiter.

Copy a file in GoHow to copy a file in Go. The ioutil package does not offer a shorthand way of copying a file. Instead the os package should be used.

About the author

George Ornbo is a hacker, futurist, blogger and Dad based in Buckinghamshire, England.